How do I configure my devices to use Pi-hole as their DNS server?


#1

I’ve made some edits. We think number one and two from your post should be swapped. We have a wide userbase of non-technical people and many will have a stock router. This also follows the natural order of going from simple to complex setups, so it’s a bit easier to read.

Three methods

Generally, there are three different methods that will enable devices on your network to be protected by Pi-hole.

1. Define Pi-hole’s IP address as the only DNS entry in the router

Rationale

Only is italicized here for a reason: Pi-hole needs to be the only DNS server because it intercepts queries and decides whether or not they should be blocked. If you have other DNS servers configured, you may be sent to the correct domain, bypassing Pi-hole completely.

Because of this, we recommend this method (or method 2) as all your devices can be protected and you only need to change one setting. For many home users, their router settings pages will look similar.

This method may not be possible to enable on some routers depending on the feature set exposed to the firmware; if you are running an advanced firmware, you may want to look at method 2.

Caveats

  1. Per-host tracking on Pi-hole (i.e. logging of DNS requests tied to individual machines by their respective hostnames) will be unavailable unless you use the hosts file on Pi-hole (all requests will show as originating from the router itself).
  2. The ability to resolve hostnames on the LAN. For example, connecting to a machine behind the router by its hostname will not work.

Setup

Log into your router’s configuration page and find the DHCP/DNS settings. Note: make sure you adjust this setting under your LAN settings and not the WAN.

option2

Again, Pi-hole should be the only DNS server set here as Pi-hole already delivers the other upstream servers. If you set another server in your router, it’s possible your ad blocking may be negatively affected.

They should have been configured during installation of Pi-hole, but you want to verify you have designated upstream DNS servers. This setting is found in the Web interface (http://pi.hole) > Settings > DNS and define the Upstream DNS entries:

upsteamdns

Important: If you have existing network devices on your network when you make this change, you will not see ads getting blocked until the DHCP lease is renewed. You can usually force a renewal by restarting the device.

2. Advertise Pi-hole’s IP address via dnsmasq in the router (if supported)

This method is very similar to method 1, but if your router has an advanced firmware (OpenWRT, DD-WRT, Tomato, etc.), you probably have more options available then what you would find on a stock router purchased from the store.

Rationale

If you have this capability, there are a few benefits:

  1. Per-host tracking on Pi-hole
  2. The ability to resolve hostnames on the LAN
  3. Ad blocking/network monitoring provided by Pi-hole

Setup

On the router, use a custom dnsmasq config entry to advertise the IP of the Pi-hole box. Many firmwares have a section in their respective web GUIs listed under DHCP or DNS for this. The screenshot below was taken from DD-WRT and is only meant to be illustrative:

ddwrt

The syntax is: dhcp-option=6,IP_of_Pi-hole. This is simply doing what the method 1 above is obscuring (setting DHCP option 6)

Example: If Pi-hole is running on a machine whose IP address is 192.168.1.250, this becomes: dhcp-option=6,192.168.1.250

On Pi-hole, login to the web interface (http://pi.hole) > Settings > DNS and instead of choosing upstream servers like Google or OpenDNS, set the upstream to be the IP address of the router as the only upstream DNS server. Do not define any other DNS entries for Pi-hole:

router

3. Manually configure each device

This option works well in two use cases:

  1. You only want certain devices to use Pi-hole
  2. You only want certain devices to not use Pi-hole

Rationale

This method allows for hand-picking which device on the LAN is protected by Pi-hole. Think of it is an opt-in strategy allowing clients/devices the choice to be protected by Pi-hole or not.

Likewise, you can use this method to opt-out of Pi-hole. This assumes you have configured your network to use Pi-hole as their DNS server using one of the two previous methods. By manually setting the DNS server to something other than Pi-hole, you override the DHCP options, and thus what DNS server to use, provided by your router.

Setup

macOS

  1. Click Apple > System Preferences > Network
  2. Highlight the connection for which you want to configure DNS
  3. Click Advanced
  4. Select the DNS tab
  5. Click + to replace any listed addresses with, or add, your Pi’s IP addresses at the top of the list:
  6. Click Apply > OK
  7. Repeat the procedure for additional network connections you want to change.

Windows

DNS settings are specified in the TCP/IP Properties window for the selected network connection.

  1. Go to the Control Panel
  2. Click Network and Internet > Network and Sharing Center > Change adapter settings
  3. Select the connection for which you want to configure
  4. Right-click Local Area Connection > Properties
  5. Select the Networking tab
  6. Select Internet Protocol Version 4 (TCP/IPv4) or Internet Protocol Version 6 (TCP/IPv6)
  7. Click Properties
  8. Click Advanced
  9. Select the DNS tab
  10. Click OK
  11. Select Use the following DNS server addresses
  12. Replace those addresses with the IP addresses of your Pi
  13. Restart the connection you selected in step 3
  14. Repeat the procedure for additional network connections you want to change.

Linux

In most modern Linux distributions, DNS settings are configured through Network Manager.

  1. Click System > Preferences > Network Connections
  2. Select the connection for which you want to configure
  3. Click Edit
  4. Select the IPv4 Settings or IPv6 Settings tab
  5. If the selected method is Automatic (DHCP), open the dropdown and select Automatic (DHCP) addresses only instead. If the method is set to something else, do not change it.
  6. In the DNS servers field, enter your Pi’s IP addresses
  7. Click Apply to save the change
  8. Repeat the procedure for additional network connections you want to change.
  9. If your distribution doesn’t use Network Manager, your DNS settings are specified in /etc/resolv.conf.

What Really Happens On Your Network? Find Out With Pi-hole
How to setup DNS going upstream?
Admin gui, queries, and installion questions
Router config doesnt accept RPI IP as DNS [Ubee EVW3226_1.0.16]
Pi Hole stops working
How do I use Pi-hole's built in DHCP server (and why would I want to)?
Router settings
DNS Order confusion
No internet on some devices after setting router to use Pi Hole as DNS server
AdBlock prevents ads while Pi-hole allows. Is Pi-hole misconfigured?
Unable to Enable Pi Hole DHCP Server. Internet Access Lost
Zero DNS queries
How can I use Pi-hole for all my devices except one (or more)?
Only 2 Clients Appear on the Admin Console
Pihole only working on local host
Documentation for setting PiHole up as a DNS server
Pi-Hole doing nothing
New Pi-Hole questions
Connecting via VPN - Not blocking any adds
My NetGear router does not forward DNS requests to Pi-hole?
Pihole stops blocking ads
Query on my Setup: Docker on Synology + Merlin Firmware Router
Very new user
Won’t block any ads in my iPhone X
New install doesn't seem to be blocking anything
Pihole Only blocks ads on my Pi
How do I troubleshoot name resolution?
Pihole have no log files
Why do I only see my router's IP address instead of individual devices in the Top Clients section and Query Log?
Pi-hole not working on desktop
How can I disable Pi-hole or unblock ads for a single device?
Having trouble with new Pi Hole
Not blocking ADs
Ads not blocked from Ubuntu VM after install. Perhaps router configuration?
Pi-Hole DHCP Hostnames to Router/Fing
Web interface showing zero queries
piHole with Netgear R6400 using Tomato
Pi-hole Is Open Source: Consume, Contribute, Or Both?
I see 17 queries and 0 blocked. Do I have Pi-hole configured correctly?
Dnsmasq daemon is failed
How do I install Pi-hole on a Synology NAS?
What can I do if I can't change manually set the DNS server on my router?
Wireless network - without changing DNS on devices
I am new to linux, and this guy just won't work! HELP! :)
SOLVED - Activating Pi Hole Stops Internet Access
Not working on jessie after update, dnsmasq updated too
Hardware/Software Requirements
PiHole statistics show it working, but it doesn't block basic ads
PiHole statistics show it working, but it doesn't block basic ads
It Just doesn't seem to work
Www.googleadservices.com 8,894k denied requests (while asleep?)
FTL issues: Connection refused. Is FTL running?
Local network
Pihole Newbie needs lots-o-network help!
Pi-Hole not blocking anything
Some websites don't load, some load partially
No access to admin page after PiHole installation
#2

A post was split to a new topic: Unable to set DNS with pfsense router on 2.3.2-RELEASE-p1


#3

#4